f4e99c4d9056c362cbddcd84360c7fcc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f4e99c4d9056c362cbddcd84360c7fcc_JaffaCakes118
Size

101KB
MD5

f4e99c4d9056c362cbddcd84360c7fcc
SHA1

8c48ea3bebb34deaf7a89b165999817543e9cc1c
SHA256

d2053923ba96fef4b4735cd30e81d83b6edd6472e7e81bffb2435f593224d48d
SHA512

2434e2bc3b79046f08eaa2905762f14ad9ff2115808f1eece33ee013e15f4607ef9c5b718315977a38d4c6910ed9a5aa4f8b03b0f7accd2ecdab79de9566cf6b
SSDEEP

3072:oKIytS+xXG77dg7YSdwEocGRF1f+2UBb4Oc:E+xXUdEaFRvf+2UtK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4e99c4d9056c362cbddcd84360c7fcc_JaffaCakes118

Files

f4e99c4d9056c362cbddcd84360c7fcc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d1b8344827f968485d64334e4c8d2ae7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorW
WinHelpW
RegisterClipboardFormatW
SendMessageW
ReleaseDC
LoadIconW
MessageBoxW
wsprintfW
DialogBoxParamW
LoadBitmapW
LoadImageW
SystemParametersInfoW
SetWindowTextW
SetFocus
GetDlgItem
InsertMenuItemW
GetDlgItemTextA
LoadStringW
PostMessageW
SetCursor
EnableWindow
SetDlgItemTextW
GetParent
SendDlgItemMessageW
EndDialog
GetWindowLongW
SetWindowLongW
GetDC

kernel32

FileTimeToSystemTime
CreateFileW
GetProcAddress
DeleteCriticalSection
WideCharToMultiByte
GetModuleFileNameW
FormatMessageW
OutputDebugStringA
GlobalAlloc
GetSystemWindowsDirectoryW
lstrcmpiW
IsBadReadPtr
GetComputerNameW
OutputDebugStringW
GetStartupInfoA
GetModuleHandleA
SetLastError
GetLastError
GetCurrentProcess
GetSystemDefaultLangID
FileTimeToLocalFileTime
lstrlenW
GlobalFree
GetEnvironmentStringsW
QueryPerformanceCounter
InterlockedDecrement
LoadLibraryW
CloseHandle
LocalFree
SetUnhandledExceptionFilter
InitializeCriticalSection
GlobalUnlock
RemoveDirectoryA
GetSystemTimeAsFileTime
LocalReAlloc
InterlockedIncrement
GetTickCount
GetDateFormatW
GlobalLock
GetCPInfo
lstrcpyW

certcli

CAEnumCertTypes
CAUpdateCA
CAGetCertTypeExtensions
CAGetCAProperty
CAEnumNextCertType
CAFreeCertTypeExtensions
CASetCertTypeExtension
CACloseCertType
CARemoveCACertificateType
CAGetCertTypePropertyEx
CASetCertTypeKeySpec
CAFindCertTypeByName
CACertTypeSetSecurity
CAAddCACertificateType
CASetCertTypeFlags
CAFreeCertTypeProperty
CASetCertTypeProperty
CAGetCertTypeKeySpec
CAGetCertTypeProperty
CAGetCertTypeFlags
CACloseCA
CAUpdateCertType
CACertTypeGetSecurity
CACreateCertType
CAFindByName
CAEnumCertTypesForCA
CAFreeCAProperty

msvcrt

free
vswprintf
wcschr
wcsstr
?terminate@@YAXXZ
wcscat
_onexit
_except_handler3
__RTDynamicCast
wcscpy
??2@YAPAXI@Z
_initterm
wcstoul
??3@YAXPAX@Z
mbstowcs
_adjust_fdiv
__dllonexit
_wcsicmp
wcslen
??1type_info@@UAE@XZ
malloc
memmove
_wcsupr
wcscmp
wcsrchr

advapi32

RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW

comctl32

CreatePropertySheetPageW
PropertySheetW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1b8344827f968485d64334e4c8d2ae7

Headers

File Characteristics

Imports

user32

kernel32

certcli

msvcrt

advapi32

comctl32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 91KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 91KB

.rsrc
Size: 24KB - Virtual size: 23KB